system security overview
play

System Security Overview with an Emphasis on Security Issues for - PowerPoint PPT Presentation

Jul 11, 2023 •397 likes •1.47k views

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part 1) Byoungyoung Lee ( ) byoungyoung@snu.ac.kr Seoul National University 1 Speaker: Byoungyoung Lee ( ) Research areas:

  1. Fuzzing in the old days: Excel example Randomly Run Excel Generate/mutate an Excel file 24

  2. Fuzzing in the old days: Excel example Randomly Crash! Run Excel Generate/mutate an Excel file 24

  3. Fuzzing in the old days: Excel example Randomly Crash! Run Excel Generate/mutate an Excel file Finding a crashing input gets harder and harder  24

  4. Fuzzing: Desired Features • Fuzzing attempts to • Detect explicit violation • While exploring all different program states in a given implementation • Desired features • Good violation detection capability • Exploring all different program states 25

  5. Fuzzing: Good Violation Detection Capability • Memory bug • Violation conditions are clear • Per-pointer capability w.r.t. accessing memory space • Concurrency bug • Violation conditions are clear • If race occurs, it is undefined behavior • Challenges: False positive issues in concurrency bug detection • Undefined behavior can be implementation-defined behavior • Developers may intentionally introduce races • Difficult to differentiate benign VS harmful races • Semantic bug • Challenges: Violation conditions are unclear • We don’t even know violation conditions • Only assertions (manually inserted by developers) may help • Only a few research have been done 26

  6. Fuzzing: Exploring all different program states • State exploration and bug finding • More code coverage  More complete testing  More bugs • Most fuzzing techniques take coverage-oriented genetic algorithm (proposed by AFL) • Coverage-oriented genetic algorithm for fuzzing • Design an object function f to evaluate goodness of input’s coverage • Algorithm • Initialize a corpus C • Corpus: a set of inputs to be mutated • Generate an input i • Generation: Randomly generate i from scratch • Mutation: Pick c from C, and then mutate c • If f(i) >= f(c) for all c in C • Add input i to the corpus C 27

  7. Fuzzing: Exploring all different program states • Covering complete context sensitivity is challenging • Concurrency bugs are much more complex • Scheduler mechanisms can be seen as non-deterministic • For fuzzing, input definition is complicated • Should consider thread interleaving • Related to hardness of race bug reproduction 28

  8. Challenges in Fuzzing: Violation Detection input output 29

  9. Challenges in Fuzzing: Violation Detection input output This crash may not be observable in practice. It may simply overwrite some other variables, and it won't involve critically bad behaviors. 29

  10. Memory error bugs • Spatial safety violation • When accessing beyond allocated memory regions • e.g., stack overflow, heap overflow • Temporal safety violation • When accessing deallocated memory regions • e.g., use-after-free, double-free 30

  11. Memory Error: Detection Approaches • Pointer-based detection • Keep track of each pointer’s capability w.r.t. memory accesses • Software: SoftBound [PLDI 09], CETS [ISMM 10] • Hardware: Watch Dog [ISCA 12], Intel Memory Protection Extension (MPX) • Redzone-based detection • Keep track of global memory space accessibility • Software: AddressSanitizer [ATC 12] • Hardware: REST [ISCA 18] 31

  12. SoftBound [PLDI 09] • Maintain per-pointer metadata • (base, bound) per pointer • Runtime safety enforcement • All memory access should be within the range (base, base+bound) • Metadata propagation • Per-pointer metadata is propagated when performing pointer arithmetic operations • Disjoint metadata scheme • For better compatiblity , metadata space is isolated from original program’s memory space 32

  13. Intel MPX • Hardware-assisted version of SoftBound • Hardware-assisted metadata management • Metadata management: Bound registers + Bound table • Bound registers • (base, bound) information is now stored in CPU registers • Fast bound check: a dedicated instruction is supported by MPX • Bound table • Used if bound registers are not available • Limitations • Compatibility issues (arbitrary type casting, external libraries, multi-threading) • More details: Intel MPX Explained [SIGMETRICS 18] 33

  14. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Check before access Shadow memory Accessible 34

  15. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Check before Redzone: access inaccessible region between objects Shadow memory Accessible Inaccessible (redzone) 34

  16. AddressSanitizer [ATC 12] • Buffer overflow (spatial memory errors) ptrX Shadow memory: a bitmap to validate all addresses objX Redzone: Error! inaccessible region between objects Shadow memory Accessible Inaccessible (redzone) 34

  17. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX objX Accessible Inaccessible Shadow memory 35

  18. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrX Quarant- free(ptrX) objX Region is invalidated ined and quarantined, but not deallocated Accessible Inaccessible Shadow memory 35

  19. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrX Hold the Quarant- free(ptrX) objX region until ined quarantine zone is full (FIFO) Accessible Inaccessible Shadow memory 35

  20. AddressSanitizer [ATC 12] • Use-after-free (Temporal memory errors) ptrX ptrY ptrX ptrY = Quarant- malloc() free(ptrX) objX objY The region is actually ined deallocated, and can be allocated for a new object Accessible Inaccessible Shadow memory 35

  21. REST [ISCA 18] • Hardware-assisted version of AddressSanitizer • A fixed token value in redzone • A pre-determined random value (in 64-byte space) is reserved for representing an invalid memory region • No need to maintain shadow memory • Validity checks on memory read/write can be very efficient • Simply check if the token bit (in cache) is set 36

  22. Race condition • Race conditions • If following three conditions meet • Two instructions access the same memory location • At least one of two is a write instruction • These two are executed concurrently • If a race condition occurs, the computational results may vary depending on the execution order. 37

  23. Race condition: A simple example a = 1; a = 0; If (a) { b = 0; } else { b = 1; } Thread 1 Thread 2 38

  24. Race condition: A simple example a = 1; a = 0; If (a) { b = 0; } else { b = 1; } Thread 1 Thread 2 b will be 1 38

  25. Race condition: A simple example a = 0; a = 1; a = 1; a = 0; If (a) { If (a) { b = 0; b = 0; } else { } else { b = 1; b = 1; } } Thread 1 Thread 2 Thread 1 Thread 2 b will be 1 38

  26. Race condition: A simple example a = 0; a = 1; a = 1; a = 0; If (a) { If (a) { b = 0; b = 0; } else { } else { b = 1; b = 1; } } Thread 1 Thread 2 Thread 1 Thread 2 b will be 1 b will be 0 38

  27. Real-world int fd = open(”/dev/ ptmx ”); race example: write(fd , “……”); ioctl(fd, TCFLSH); User CVE-2017-2636 ioctl(fd, TCXONC); User thread A User thread B close(fd); (Linux Kernel) 431: if (n_hdlc->tbuf) { 432: push_back(free_list, n_hdlc->tbuf); 216: tbuf = n_hdlc->tbuf; 440: n_hdlc->tbuf = NULL; 217: if (tbuf) Kernel 441: } 218: push_back(free_list, tbuf); Kernel thread B Kernel thread A 266: if (n_hdlc->flag & TCXONC) 267: while (list_empty(free_list)) { 268: buf = pop_front(free_list); 269: kfree(buf); 270: } 39

  28. Real-world int fd = open(”/dev/ ptmx ”); race example: write(fd , “……”); ioctl(fd, TCFLSH); User CVE-2017-2636 ioctl(fd, TCXONC); User thread A User thread B close(fd); (Linux Kernel) 431: if (n_hdlc->tbuf) { 432: push_back(free_list, n_hdlc->tbuf); 216: tbuf = n_hdlc->tbuf; 440: n_hdlc->tbuf = NULL; 217: if (tbuf) Kernel 441: } 218: push_back(free_list, tbuf); Kernel thread B Kernel thread A 266: if (n_hdlc->flag & TCXONC) This will turn into “double - free”, 267: while (list_empty(free_list)) { 268: buf = pop_front(free_list); which in turn allows a privilege escalation 269: kfree(buf); 270: } 39

  29. Race condition and fuzzing • Finding race conditions through fuzzing is challenging • How to execution racing pair instructions concurrently ? • All the execution interleaving (scheduling) is “randomly” determined • Case study: Previous techniques • Syzkaller: a system call fuzzer for the Linux kernel • SKI: an academic prototype to find a race [OSDI 14] 40

  30. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B 41

  31. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  32. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  33. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller 41

  34. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  35. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  36. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  37. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 … … Guest ` v v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  38. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) mov $0x2400,%esi add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  39. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 ⑤ … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) ⑥ mov $0x2400,%esi ⑦ add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B ⬤ : Syzkaller ⃝ : SKI 41

  40. … … syscall j (y, …) syscall i – 1 (w, …) Guest syscall j + 1 (z, …) syscall I (x, …) User … … User Thread A User Thread B … … u ① u ② … … cmp %r14,%r12 mov -0x20(%rdi), %r8 ③ je ffff …..734 test %r8, %r8 ⑤ … … Guest ` v ④ v Kernel … … movq $0, 0x20(%rbx) ⑥ mov $0x2400,%esi ⑦ add $0x10,%rdi callq 0xffff……cbf0 … … … … Kernel Thread A Kernel Thread B Very unlikely to be executed concurrently ⬤ : Syzkaller  Very unlikely to trigger a race! ⃝ : SKI 41

  41. Finding Kernel Races through Fuzzing • Razzer [S&P 19] • #1. Static analysis to find potential race spots • Points-to analysis over an entire kernel • #2. For each potential race spots, setup per-core breakpoint • Run the kernel on modified hypervisor (QEMU/KVM) • #3. Check if a race truly occurs • Prioritize a truly racing pair to be further fuzzed later 42

  42. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  43. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  44. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B u Execute u Execute mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

  45. Guest write(fd , “…”) ioctl(fd,TCFLSH) … sshd init user User thread A User thread B u Execute u Execute mov 0x20(%rdi), %r8 movq $0, 0x20(%rbx) v v Breakpoint Guest test %r8, %r8 callq 0xffff……cbf0 Kernel Kernel thread B Kernel thread A Hypervisor vCPU0 vCPU1 43

Recommend

Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web

Overview System Security Scanning Security Scanning and Discovery Important Security Web Sites Fingerprinting OS FingerPrinting IP Stacks Share Scans Chapter 14 SNMP Vulnerabilities FingerPrinting TCP/IP Services

439 views • 8 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for

SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for

SYSTEM OF SYTEMS SECURITY (SOSSEC) OVERVIEW 1 VISION A fully capable System of Systems for Homeland Security/Homeland Defense that enables decisive Action to prevent, mitigate, respond and recover from all catastrophic incidents regardless

528 views • 27 slides
System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part

System Security Overview with an Emphasis on Security Issues for Storage and Emerging NVM (Part 2) Byoungyoung Lee ( ) byoungyoung@snu.ac.kr Seoul National University 1 Outline Part1. Bugs in File Systems Semantic inconsistency

1.27k views • 115 slides
Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables http://outflux.net/slides/2013/drupal/tunables.pdf R0Ng DrupalCon Portland 2013 Kees Cook <keescook@google.com> (pronounced Case) Who is

475 views • 33 slides
GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin

GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin

National Taiwan University Department of Computer Science and Information Engineering GSM System Overview GSM System Overview GSM System Overview GSM System Overview Phone Lin Phone Lin Ph.D. Ph.D. Email: plin@csie.ntu.edu.tw Email:

686 views • 41 slides
OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System System Overview Purpose To provide a framework for security assessors to correlate and

438 views • 12 slides
System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn

System Security I: Introduction TDDD17 Information Security, Second Course Ulf Kargn Department of Computer and Information Science Linkping University System Security 2 Security in computer systems Hardware (System)

838 views • 56 slides
Protection and Security Threat is potential security violation Attack is attempt to breach

Protection and Security Threat is potential security violation Attack is attempt to breach

CSC 4103 - Operating Systems The Security Problem Spring 2007 Security must consider external environment of the system, and protect the system resources Lecture - XX Intruders (crackers) attempt to breach security Protection and

195 views • 4 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CSCE Intro to Computer Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies Security

472 views • 20 slides
Overview Security Maintenance Practices and Principles Securing Operating Systems Patches,

Overview Security Maintenance Practices and Principles Securing Operating Systems Patches,

Overview Security Maintenance Practices and Principles Securing Operating Systems Patches, Fixes, Revisions Antivirus Software Post-Install Security Checklist: Windows/UNIX File System Security Issues Chapter 10 User

362 views • 8 slides
System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa...

System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa...

System Security System Security Aurlien Francillon francill@eurecom.fr Administrativa... Administrativa... About me Assistant professor at Eurecom since 2011 Doing security research Embedded systems (MCU, smart phones,...)

1.21k views • 100 slides
Module 20: Security The Security Problem Authentication Program Threats System

Module 20: Security The Security Problem Authentication Program Threats System

Module 20: Security The Security Problem Authentication Program Threats System Threats Threat Monitoring Encryption Silberschatz and Galvin 1999 Operating System Concepts 20.1 The Security Problem Security must

155 views • 11 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and

Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and

Virginia Retirement System Overview Presented to: Commission on Employee Retirement Security and Pension Reform July 11, 2016 Patricia S. Bishop, VRS Director VRS Overview VRS Total Membership Plan 1 Plan 2 Hybrid* Total 89,979 37,571

597 views • 38 slides
Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Stuart

947 views • 49 slides
Security Overview Security Goals The Attack Space Security Mechanisms

Security Overview Security Goals The Attack Space Security Mechanisms

CPSC 410/611 Operating Systems Security Security Overview Security Goals The Attack Space Security Mechanisms Introduction to Cryptography Authentication Authorization Confidentiality Case Studies

419 views • 19 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
Roadmap for Section 7.1 The Security Problem - a Definition Program & System Threats

Roadmap for Section 7.1 The Security Problem - a Definition Program & System Threats

Unit OS7: Security 7.1. The Security Problem Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 7.1 The Security Problem - a Definition Program & System Threats Security

518 views • 6 slides
Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant KEMA, Inc. (408) 253-7934 joe.weiss@kema.com Stuart Katzke, Ph.D. Senior

764 views • 40 slides
Security Security as term, Possible Security violations Authentication Criteria for

Security Security as term, Possible Security violations Authentication Criteria for

BS1 WS19/20 topic-based slides Security Security as term, Possible Security violations Authentication Criteria for Trust in Computer Systems Three hearts of Windows Security DACLs A Look at Security System is secure if

988 views • 20 slides
Module 19: Security The Security Problem Authentication Program Threats System

Module 19: Security The Security Problem Authentication Program Threats System

Module 19: Security The Security Problem Authentication Program Threats System Threats Securing Systems Intrusion Detection Encryption Windows NT Operating System Concepts Silberschatz, Galvin and Gagne 2002

425 views • 9 slides
IS ARCHITECTURE OVERVIEW 2110684 Information System Architecture Natawut Nupairoj, Ph.D. Course

IS ARCHITECTURE OVERVIEW 2110684 Information System Architecture Natawut Nupairoj, Ph.D. Course

2110684 - IS Architecture Overview IS ARCHITECTURE OVERVIEW 2110684 Information System Architecture Natawut Nupairoj, Ph.D. Course Plan Overview and Background Concepts Core Infrastructure System Management / Security / Tuning

751 views • 41 slides
System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System

System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System

System Aware Cyber Security Barry M. Horowitz, PI University of Virginia November, 2012 System Aware Cyber Security Operates at the system application-layer , For security inside of the network and perimeter protection provided for the

164 views • 3 slides

More recommend